Friday, November 28, 2014

Computer: Cyber World and India

For Computer Part 1 : Click Here

For Computer Part 2: Click Here



#Cyberspace: The total interconnections of human beings through computers and telecommunication without regards to physical geography.

#Data Transferred: in digital form means in 1 and 0

# Authentication: Data + Identity

Security Threads
1)Hacking: illegal intrusion into a computer system and / or  network

2)Cyber Stalking: Use of internet or other electronic communication devices to stalk another person

3) Denial of Service: technology driven cyber intrusion where by the influence floods the bandwidth or blocks the user's mail with spam mails depriving the user access to the services.

Malwares:
         -Softwares designed to perform illegal act via the computer network

  • Virus: a program that can infect other programs by modifying them and harm the system
  • Worms: Malicious programs that copy themselves from system to system rather than infiltrating legitimate files
  • Trojan: or Trojan Horse
    -do things other than what is expected by user
    -impares the security of system
    -Do not replicate them but they are destructive
  • Hoax: an email that warns the user of a certain system that is harming the computer and offers to run some procedure and after downloading it invades the system and deletes important files.
  • Spywares: invades computer and monitors user's activities without consent.
#Phishing: phishers lure users to a phony website , usually by sending them an authentic appearing email. Once at the fake sit, users are tricked into divulging a variety of private info.

Data Related: 
  • Data Interception : Hijacking emails, interference of an intermediatory in the network may be a prelude to another type of computer crime typically data modification.
  • Data Diddling : Usually done in conjunction with data interception valid data intended for a recipient is hijacked or intercepted and then replaced with an erroneous one. This could also apply to illegal tapping into database and altering its content. basically any form of altering without authorization falls under this category.
  • Data theft:outright stealing of most commonly classified or proprietary information without authorization.
#Email Spamming or bombing:
-Spam: Spending of unsolicited messages in bulk.
-Bombing: a large number of messages maybe the same or different messages posted in same or different email addresses

Some New internet bots:

  • Stuxnet: Designed to attack industrial programmable logic controllers was directed against Iranian nuclear programme.(Year 2011)
  • Daqu: (semp 2011)- Daqu work targets ranging from banking to governmental to energy networks.
    -Flames and the Mahdi trojan have same DNA as Daqu.
  • Wiper: A new Virus against Iran
    -April 2012: More mallicious and wiped off the data on all computers that it infect.
  • Shamoon: Saudi
    -Wiped out the data from Saudi Arabian State Oil Company.
Why We need to regulate the cyberspace:
1) To strictly prohibit child pornography and regulate pornography.
2)Protection of IPR
3)Data protection and data privacy
4)To prohibit money laudering==> Online Gambling

Tools to protect against cyber threads.

1)Digital Signature : 
Working:
Sender's side: 
Data=>Hash Algorithm==>Hash Value==> Private key
Data+Private Key==> Encrypted Data

Receiver's Side;
Encrypted Data=public key=> Hash value
Hash Value+Encrypted data ==> Hash Algorithm==> Data

2) Encryption: To encode data for maintaining its privacy.

3)Cyber forensic

4)Security Audits


National Cyber Security Policy, 2013
1)To build secure and resilient cyber space
2)Creating a secure ecosystem , generate trust in IT transactions.
3)24*7=> National Critical Information Infrastructure Protection Center 
4) Indigenous technological solutions
5) Testing ICT, products and certify them
6) Creating workforce of 500000 in the field
7) Fiscal benefits for business who accepts standard IT practices.

India's Surveillance Projects:
-NATGRID

-CMS

-NETRA: Internet Spy System Network and Traffic Analysis System

*NTRO: National Technical Research Organisation=>Protect the critical  ICT infrastructure of India.

*CERT: Computer Emergency Response Team

*IT Security Product=> ISO 15408 => Common criteria for security testing standards


Cyber Regulations Appellate Tribunal:
-To entertain the cases of any person aggrived the order made by the Controller of Certifying Authority or the Adjudicating Officer.
-IT Act, 2000 Section 48(1).


Control Over the Internet
  • NameSpace=> Internet Corporation for Assigned Names and Numbers (ICNANN)
  • IPv4 and IPv6=> Internet Engineering Task Force (IETF)
  • World (Except US) wants Internet Governance Forum(IGF)
  • Allocation of IP Address=>
    -For Asia=> Asia-Pacific Network Information Centre (APNIC) 

No comments:

Post a Comment